Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.html and testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliver malware, steal HTTP cookies, bypass CORS trust. This attack appear to be exploitable via Victims are typically lured to a web site under the attacker's control; the XSS vulnerability on the target domain is silently exploited without the victim's knowledge. This vulnerability appears to have been fixed in 1.14.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dojo Objective Harness 安全漏洞
Vulnerability Description
Dojo Objective Harness(DOH)是一款用于测试JavaScript函数和程序的单元测试工具。 DOH 1.14之前版本中的unit.html、testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html和testsDOH/_base/i18nExhaustive.js页面存在安全漏洞。攻击者可通过诱使用户访问攻击者控制的网站利用该漏洞发送恶意软件,窃取HTTPcookies或绕过安全保护。
CVSS Information
N/A
Vulnerability Type
N/A